Add the security index for the YFS variant of rxgk.

Signed-off-by: David Howells <dhowe...@redhat.com>
---

 fs/afs/misc.c              |   13 +++++++++++++
 include/uapi/linux/rxrpc.h |   17 +++++++++++++++++
 2 files changed, 30 insertions(+)

diff --git a/fs/afs/misc.c b/fs/afs/misc.c
index 1d1a8debe472..796783774e36 100644
--- a/fs/afs/misc.c
+++ b/fs/afs/misc.c
@@ -102,6 +102,19 @@ int afs_abort_to_error(u32 abort_code)
        case RXKADDATALEN:      return -EKEYREJECTED;
        case RXKADILLEGALLEVEL: return -EKEYREJECTED;
 
+       case RXGK_INCONSISTENCY:        return -EPROTO;
+       case RXGK_PACKETSHORT:          return -EPROTO;
+       case RXGK_BADCHALLENGE:         return -EPROTO;
+       case RXGK_BADETYPE:             return -ENOPKG;
+       case RXGK_BADLEVEL:             return -EKEYREJECTED;
+       case RXGK_BADKEYNO:             return -EKEYREJECTED;
+       case RXGK_EXPIRED:              return -EKEYEXPIRED;
+       case RXGK_NOTAUTH:              return -EKEYREJECTED;
+       case RXGK_BAD_TOKEN:            return -EKEYREJECTED;
+       case RXGK_SEALED_INCON:         return -EKEYREJECTED;
+       case RXGK_DATA_LEN:             return -EPROTO;
+       case RXGK_BAD_QOP:              return -EKEYREJECTED;
+
        case RXGEN_OPCODE:      return -ENOTSUPP;
 
        default:                return -EREMOTEIO;
diff --git a/include/uapi/linux/rxrpc.h b/include/uapi/linux/rxrpc.h
index 8f8dc7a937a4..0e296d219191 100644
--- a/include/uapi/linux/rxrpc.h
+++ b/include/uapi/linux/rxrpc.h
@@ -73,6 +73,7 @@ enum rxrpc_cmsg_type {
 #define RXRPC_SECURITY_RXKAD   2       /* kaserver or kerberos 4 */
 #define RXRPC_SECURITY_RXGK    4       /* gssapi-based */
 #define RXRPC_SECURITY_RXK5    5       /* kerberos 5 */
+#define RXRPC_SECURITY_YFS_RXGK        6       /* YFS gssapi-based */
 
 /*
  * RxRPC-level abort codes
@@ -118,4 +119,20 @@ enum rxrpc_cmsg_type {
 #define RXKADDATALEN           19270411        /* user data too long */
 #define RXKADILLEGALLEVEL      19270412        /* caller not authorised to use 
encrypted conns */
 
+/*
+ * RxGK GSSAPI security abort codes.
+ */
+#define RXGK_INCONSISTENCY     1233242880      /* Security module structure 
inconsistent */
+#define RXGK_PACKETSHORT       1233242881      /* Packet too short for 
security challenge */
+#define RXGK_BADCHALLENGE      1233242882      /* Invalid security challenge */
+#define RXGK_BADETYPE          1233242883      /* Invalid or impermissible 
encryption type */
+#define RXGK_BADLEVEL          1233242884      /* Invalid or impermissible 
security level */
+#define RXGK_BADKEYNO          1233242885      /* Key version number not found 
*/
+#define RXGK_EXPIRED           1233242886      /* Token has expired */
+#define RXGK_NOTAUTH           1233242887      /* Caller not authorized */
+#define RXGK_BAD_TOKEN         1233242888      /* Security object was passed a 
bad token */
+#define RXGK_SEALED_INCON      1233242889      /* Sealed data inconsistent */
+#define RXGK_DATA_LEN          1233242890      /* User data too long */
+#define RXGK_BAD_QOP           1233242891      /* Inadequate quality of 
protection available */
+
 #endif /* _UAPI_LINUX_RXRPC_H */


Reply via email to